Load balancing with the Apache http server
Another typical configuration is used to support sticky sessions:
BalancerMember http://server6:1080... stickysession=JSESSIONID
The stickysession parameter, combined with the name of a cookie supported by the back ends, means that requests originating with individual users are always sent to the same back-end server.
This kind of limited distribution ensures the persistence of the requests, but it does interfere with the actual task of load balancing.
To forward information to the back-end servers in a targeted way, or to influence communications with the the back end, the proxy module also supports custom environmental variables and http headers, which you can use to restrict the connections to the back end or to advertise the use of SSL:
SetEnv proxy-nokeepalive 1 ... RequestHeader set Front-End-Https "On"
A number of standard variables and headers, such as proxy-nokeepalive, proxy-sendcl, X-Forwarded-For, or X-Forwarded-Server, saves typing and makes life easier for administrators.
Other modules support caching or filtering of content generated by the back ends. In addition to improving performance, caching also reduces the overall traffic volume and generally offloads some of the work from the back-end servers. Listing 2 enables a simple, file-based cache, including compression, for the whole URL space /. (Just to demonstrate how the exclusion feature works, the whole URL space below /users has been excluded.)
mod_cache Sample Configuration
01 CacheEnable disk / 02 CacheDisable /users 03 CacheRoot /var/cache/httpd 04 ... 05 AddOutputFilterByType DEFLATE text/html
If you loaded the status module (mod_status) when you launched the server, the proxy module also provides a simple but practical web interface (Figure 2). The simple configuration involves assigning a handler:
<Location "/.balancer-manager"> SetHandler balancer-manager </Location> ... ProxyPass /.balancer-manager !
However, it is important to take access control into consideration and to exclude processing individual URLs within the load balancer, which is achieved by means of a negative ProxyPass command. If you use the Apache rewrite module (mod_rewrite), you can define a separate rule to handle this case.
Management is restricted to viewing the status of all configured balancers, disabling individual pool members, or modifying some basic settings, but it is extremely useful if you encounter a problem, or if you wish to monitor multiple load balancers.
Buy this article as PDF
New tool will look like GParted but support a wider range of storage technologies.
New public key pinning feature will help prevent man-in-the-middle attacks.
Carnegie Mellon researchers say 3 million pages could fall down the phishing hole in the next year.
The US government rolls new best-practice rules for protecting SSH.
Klaus Knopper announces the latest version of his iconic Live Linux system.
All websites that use these popular CMS tools could be vulnerable to denial of service attacks if users don't install the updates.
According to a report, many potential victims of the Heartbleed attack have patched their systems, but few have cleaned up the crime scene to protect themselves from the effects of a previous intrusion.
DARPA and NICTA release the code for the ultra-secure microkernel system used in aerial drones.
Should you trust an online service to store your online passwords?
New B+ board lets you build cool things without the complication of a powered USB hub.